WordPress New release security update 5.2.4

The 5.2.4 WordPress security release fixes 6 security issues

– stored XSS (cross-site scripting) could be added via the Customizer.

– method of viewing unauthenticated posts.

– a stored XSS to inject Javascript into style tags.

– a method to poison the cache of JSON GET requests via the Vary: Origin header.

– discovered issues related to referrer validation in the admin.

Remember if you find a WordPress security issue you should  privately disclose the vulnerabilities

WordPress 5.2.4 is a short-cycle security release. The next major release will be version 5.3.

You can download WordPress 5.2.4 or visit Dashboard → Updates and click Update Now. Sites that support automatic background updates have already started to update automatically.

Re-blogged from the official WordPress blog here

As always all of our customers are protected from all the above security bugs, as all of the WordPress Core installations running on our platform are the latest. In case you have any issues, please send us a message at support[at]wordpress-managment.com

5/5 (2 Reviews)